CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

July 3, 2025

CVE ID : CVE-2025-38157

Published : July 3, 2025, 9:15 a.m. | 2 hours, 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

wifi: ath9k_htc: Abort software beacon handling if disabled

A malicious USB device can send a WMI_SWBA_EVENTID event from an
ath9k_htc-managed device before beaconing has been enabled. This causes
a device-by-zero error in the driver, leading to either a crash or an
out of bounds read.

Prevent this by aborting the handling in ath9k_htc_swba() if beacons are
not enabled.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-38158 – Hisi Acc VFio PCI DMA Address Error Vulnerability

Next Article CVE-2025-38156 – Marvell MT7996 Null Pointer Dereference Vulnerability (WiFi)

Mirantis reveals Lens Prism, an AI copilot for operating Kubernetes clusters

Avoid these common platform engineering mistakes

Full-Stack Techies vs Toptal: Which Is Better for React.js Outsourcing?

The AI productivity paradox in software engineering: Balancing efficiency and human skill retention

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

Microsoft reportedly lacks the know-how to fully leverage OpenAI’s tech — despite holding IP rights

PHP 8.5.0 Alpha 1 available for testing

PHP 8.5.0 Alpha 1 available for testing

Recording cross browser compatible media

Celebrating Perficient’s Third Databricks Champion

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

Capcom reports that its Steam game sales have risen massively — despite flagship titles like Monster Hunter Wilds receiving profuse backlash from PC players

Cloudflare is fighting to safeguard “the future of the web itself” — standing directly in the way of leading AI firms

CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

Critical Lucee Flaw (CVE-2025-34074, CVSS 9.4): Authenticated RCE Via Scheduled Task Abuse, Metasploit Module Out

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

CVE-2025-4251 – PCMan FTP Server Remote Buffer Overflow

CVE-2025-48279 – WC MyParcel Belgium Cross-site Scripting (XSS)

CVE-2025-6029 – KIA Aftermarket Generic Smart Keyless Entry System Replay Attack

Elevate your UX research game with better questions

Build conversational interfaces for structured data using Amazon Bedrock Knowledge Bases

CVE-2025-5871 – Papendorf SOL Connect Center Web Interface Authentication Bypass Vulnerability

French deeptech mirSense raises €7M to industrialise quantum laser tech

Apple’s AI Promises Just Got Exposed — Here’s What They’re Not Telling You

CVE-2025-38157 – “Qualcomm ath9k_htc USB WMI Out-of-Bounds Read/Write”

Related Posts